an ethical web hosting service

25 replies [Last post]
Masaru Suzuqi
Offline
Joined: 06/06/2018

Hello, I am still stuck for setting my own server to host my own website. Or rather, I already gave up it.

https://trisquel.info/en/forum/html-editor-and-rental-server#comment-149414

I got a domain. I wanted to relate my IP address and the domain to have HTTPS. I would be able to do that in the a bit far future, I got a little bit used to use Apache2 and BIND9, but even if I was able to set HTTPS to my website, I realized then assert that I absolutely cannot maintain the server as a full libre and respect visitors's privacy thing. That's a (ethical) computer expert's job.

I am going to search for a reliable ethical web hosting service (I think there is no such a thing, though, at least in Japan) but I would appreciate it veryvery much if you could provide it, because mainly even just judging whether the service is reliable or not is very difficult, maybe impossible for me. Please contact me by Jami or email or introduce an ethical web hosting service to me. Thank you veryvery much.

Jami ID: 719f9f85f735440540b6d920cdc57eaad6831d3c

Jaret
Offline
Joined: 12/19/2018

Try Vultr: https://www.vultr.com/
They have Tokyo hosting server and as far as I know they respect privacy.
Free https certificates:
https://en.wikipedia.org/wiki/Let%27s_Encrypt
Automatic certificate renewal can be done with Certbot.

Masaru Suzuqi
Offline
Joined: 06/06/2018

Thank you. However, as far as I took a glance at their privacy policy:
https://www.vultr.com/legal/privacy/
I did not feel that I can fully trust their service.
And it seemed something different from my needs, that like I just past a html page that I made myself on a webpage that they give me and that already has an URL and HTTPS or something like that. And it uses Corebooted machines or Talos or something as their servers, etc... They use the latest Intel CPU for their servers. Is that reliable?

> Automatic certificate renewal can be done with Certbot.

Yes I installed Certbot (maybe)before I got a domain. And if I understand or remember correctly, Certbot requires a server which has a hostname before it gives me the certification. So the procedure has been suspending very much.

Jaret
Offline
Joined: 12/19/2018

With Vultr you use them to deploy a virtual server on desired location (Tokyo for example). The cheapest subscription plan with IPv4 enabled should be more than enough. Then you choose the OS for your virtual server, Debian and OpenBSD can be fully free/libre if no proprietary software is installed. Then you go to your domain name registrar and associate your Vultr virtual server's IP with your domain name. You connect to your virtual server using SSH and you run Certbot, web server, mail server on your virtual server. That's how Vultr works.
About they privacy: if you could not find anything better than Vultr, they seem to be not so bad regarding privacy.
If you want the server hosting to be run on corebooted machines with Trisquel OS, that may be very hard to find.

Masaru Suzuqi
Offline
Joined: 06/06/2018

> With Vultr you use them to deploy a virtual server on desired location (Tokyo for example). The cheapest subscription plan with IPv4 enabled should be more than enough. Then you choose the OS for your virtual server, Debian and OpenBSD can be fully free/libre if no proprietary software is installed. Then you go to your domain name registrar and associate your Vultr virtual server's IP with your domain name. You connect to your virtual server using SSH and you run Certbot, web server, mail server on your virtual server. That's how Vultr works.

It may sounds not impossible, though,

> If you want the server hosting to be run on corebooted machines with Trisquel OS, that may be very hard to find.

This is the problem... if I see what a web hosting service uses the set for their servers, I would be able to trust them without reading their privacy policy. Ungh anyway thank you.

andyprough
Offline
Joined: 02/12/2015

> This is the problem... if I see what a web hosting service uses the set for their servers, I would be able to trust them without reading their privacy policy. Ungh anyway thank you.

Hi Masaru, you might want to look at Vikings hosting for fully libre and libre-boot hosting:
"Vikings is the world's first professional hosting company with a fully libre hosting platform stack. Our services are based 100% on libre boot firmware, libre software and are powered by certified green energy."
https://www.vikings.net/

Here's their contact info: hello (at) vikings (dot) net
Telephone +49 241 60 95 60 95

Masaru Suzuqi
Offline
Joined: 06/06/2018

I knew that, maybe on privacytool.io or somewhere I found it. Then I checked their website but surely there is written that they provide the service but there was/is no detail about the service, but only about their hardware.
But above any things, I never be in business with people who say dirty slang in the easy manner to their customers. I forget so I am not sure which shop I spoke to, though. It was about 2 years ago.

andyprough
Offline
Joined: 02/12/2015

You want me to email them for you and see what I can figure out?

Masaru Suzuqi
Offline
Joined: 06/06/2018

No thank you. What for?

boba
Offline
Joined: 08/28/2017

You might wish to ask these people whether their machines are also libre booted:

https://www.koumbit.org/en/services/web-hosting

Here is a long list of providers for various services, with various ethical goals in mind:

https://riseup.net/en/security/resources/radical-servers

Masaru Suzuqi
Offline
Joined: 06/06/2018

Thanks. I sent some emails to some organizations listed on the link to ask what hardware they use for their service.

By the way, I got an answer from prgmr.com to the same question: https://trisquel.info/en/forum/html-editor-and-rental-server#comment-148799
They run Intel(R) Xeon(R) CPU E5-2660 v2 @ 2.20GHz for their servers. I checked the spec of the server on Wikipedia and Intel website. It did not seem that the CPU has IntelME. But would someone know if the CPU has something notorious functions such as IntelME?

Magic Banana

I am a member!

Offline
Joined: 07/24/2010

All recent Intel processors have ME:

Thus, the ME is present on all Intel desktop, mobile (laptop), and server systems since mid 2006.
https://libreboot.org/faq.html#intel

And according to https://ark.intel.com/content/www/us/en/ark/products/75272/intel-xeon-processor-e5-2660-v2-25m-cache-2-20-ghz.html that processor has vPro and TXT, treacherous computing (the official name is "trusted computing") capabilities.

Masaru Suzuqi
Offline
Joined: 06/06/2018

I see. So maybe I should break the contract with them till the next expiration. But why are you stating such a thing calmly?? The one of the main contributors of this forum is stating that "I have had a good experience with [prgmr][1]." (https://trisquel.info/en/forum/html-editor-and-rental-server#comment-148799) which runs such a server which has Intel ME inside of it for their service. Is not that a problem?? What kind of a good experience he had with them? Or have they recently changed the sever from something corebooted machines or something to the Xeon machines? Indeed as Jaret says, it seeems that it is impossible to find the eethical or nooormal provider. Or running those Intel secure machines for business use, which seems even securer than normal low-end machines for the general public from your writing, could not a be problem? I really don't understand.

boba
Offline
Joined: 08/28/2017

Let's imagine that someone wants to share something with the general public on a simple web page. How much should they care about Intel related vulnerabilities?

Masaru Suzuqi
Offline
Joined: 06/06/2018

I don't know. I am not a computer expert. I think someone might give a shit if the one needs anonymity.

boba
Offline
Joined: 08/28/2017

When you are posting here, how do you feel about anonymity and vulnerabilities?

Masaru Suzuqi
Offline
Joined: 06/06/2018

So here is no contributor to Trisquel team who wants to be anonymous? Even if there is, here is managed by an organization. In my case, I myself personally manage the project.

Jaret
Offline
Joined: 12/19/2018

If it's just one website, you can buy a dedicated computer, coreboot it and install Trisquel and run your personal server from your home. You will need to pay for static IP address, if your ISP has such a deal.
Sometimes ISPs block port 80 to prevent people from running web servers at home.

Masaru Suzuqi
Offline
Joined: 06/06/2018

Yes I was planning that. But I don't know too much anything about computers. I prepared a librebooted X60, I got the domain, a static IP address, my ISP (NTT) does not block any port, so the LAN would be able to supposed as fully libre, but especially about outside of the LAN, maybe the network, I have no idea what I should do and probably understanding every detail about those things even vaguely is impossible for me. I cannot imagine what I have to do, i.e. I cannot list what I have to do. So I said that's a professional's job.

And I cannot run the server 24/7 because I do not want fire in my home.

I have just found something called colocation web hosting service. It might be suitable for my needs, depending on the provider's policy, though.
https://en.wikipedia.org/wiki/Web_hosting_service#Host_management
But Wikipedia has no even the Japanese page about it.
https://en.wikipedia.org/wiki/Colocation_center
So I think there would not be such a center in my home area, maybe even in Japan.
I might try to look for it, though.

Beformed
Online
Joined: 01/13/2017

Here is an interesting tutorial on how to do what you need.

https://invidio.us/watch?v=bdKZVIGRAKQ

Masaru Suzuqi
Offline
Joined: 06/06/2018

Does that mean that I do not have to care about things such as what kind of hardware they use or what kind of privacy policy or surveillance policy they have or anything if I rent a VPS service? If so, there is a Japanese VPS provider so I can exchange them in Japanese. Do not be recommended to do something without not understanding what I am doing is one of the things I learned from this community.

Malsasa
Offline
Joined: 12/01/2016

Hello Masaru, now Codeberg.org provides Codeberg Pages service similar to GitHub Pages for you wanting an ethical website https://pages.codeberg.org. See an excellent example by Infosec Handbook here https://pages.codeberg.org/infosechandbook/index.html. If you wonder, Codeberg is like GitHub but powered by free software. I know this because I am doing little research for ethical code hostings.

Masaru Suzuqi
Offline
Joined: 06/06/2018

Thank you Malsasa. Surely from the second link you gave me, it seems that I might be able to open my works (paintings) on there without problem, but it seems that people use it as mainly, literally, a git. I just learned what git is and if I understand it correctly a git is a place where people share software, so I am not sure if it is a suitable place for both them and me. Anyway I am going to ask them some questions, though.

boba
Offline
Joined: 08/28/2017

"To be loathed and hated as an insufferable smartass git who cannot tell the difference between bloat and functionality and who has grown to consider their umbilicus as the convergence locus of the cosmological oneness, or not to be loathed and endure the permanent worship of sheeplike brainless masses until the last evening breeze renders them unto the loathing flock, that is certainly not the least fascinating question an automaton cog lead builder has to address during this fateful transient life." Shakespeare (Hamlet, First draft).

For alternative drafts, see: https://invidio.us/watch?v=mvaUwagX_uU

Masaru Suzuqi
Offline
Joined: 06/06/2018

I'm sorry. My very low English skill and poor understanding and shallow knowledge cannot understand this level of English and I cannot afford to spend 1-2 hours in translation for per post.

lavrot
Offline
Joined: 07/06/2020

This hosting even works without JavaScript, accepts Bitcoin payments too. They are also sell domains. My site and domain are registred here. It may be a little bit hard for a beginner, but it is ethical!
https://www.nearlyfreespeech.net/